Have you added the allowed redirect uri to your app?
If this does not work either, it would be very great to get something to reproduce it, for example a simple html app that implements login as well and access to your production system.’
You can also debug the identity server, there is no guarantee that it is bug free. Unfortunately I do not have that much time for identity server at the moment as there is so much to do.
Yes i have added the allowed redirect uri to the android app. I’ll try the other part you mentioned.
@Sebastian The redirect is working now but when i am trying to get the token it does not show anything in the app. I am sending the client secret as well in the URL. Does it have to be encoded?
Logs:
IdentityServer4.Validation.ClientSecretValidator[0]
Client secret validation failed for client: 930857497838-gos2rg1mvcmpo3q234jdvmmkl1gq5ov8.apps.googleusercontent.com.
When you create the secret you have to enter it as a hash, e.g.use a random value and then hash it with: https://emn178.github.io/online-tools/sha256.html
What was the problem with redirect?
It was related to passing correct scope and all the other related parameters.
For the client secret, i have to update the same on the client in CMS as well right?
Yes, that’s correct. Btw: It would be very awesome if you could write a page for the docs about it
Sure… Will do. 
And I am still not able to get the token even though I am passing the same hashed client secret which is mentioned in CMS. It still throws the same error. I don’t know if i am missing a step or something.
What token are you talking about?
With client_credentials flow you do not get that much information, because you are not authenticating in the name of a user.
The token which i’ll get from http://URL/connect/token by passing the authorization code which will then be used to get the user info from the cms using http://URL/connect/userinfo endpoint.
Also the response type which I am requesting is code which gives the authorization code not client_credentials anymore as we want authentication.
I think you need the implicit flow and response type should be id_token token
But if i use id_token token and implicit flow, I am not able to get the authorization_code while calling the http://url/connect/authorize endpoint.
I think you do not have to call the endpoint manually.
Hey Sebastian, I am now able to get the user info by passing the access token. Can you please help me regarding how to refresh a token… And also is there a way to extend the expiry time of the token in the identity server. @Sebastian
To be honest, I need to have a look as well. I think you have to request offline access if I remember correctly and then your library should hopefully do the rest.
Yeah. Got it working. Had to pass offline access scope with token request.
@Sebastian is there a way to extend the expiry time of the token in the identity server.? Currently it send the expiry time as 3600. Is it hours or seconds?
It is seconds. Currently there is no setting. I think it is a client setting:
You could create a PR for that to store the expiration time in squidex as well.
@antrikshkmr I would really appreciate if I can see or hear about your process for utilizing the AppAuth Library and Squidex Client details for being able to properly authorize and utilize squidex in an Android client.
What exactly is the issue?